Many midsized companies won’t consider identity management, because they think it is too difficult to deploy, too expensive to purchase and implement, and too complicated to administer and maintain.
The problem is that it’s precisely when companies grow to midmarket ($150 million to $1 billion) that user accounts seem to multiply like rabbits, and “password management” requires a disproportionate percentage of security budgets and manpower.
Postponing an investment in some form of unified account or identity management often proves to be one of the most common — and costly — mistakes in security today.
User accounts are like mold: Left unattended, their numbers grow unabated. The number of user accounts per employee increases because companies must expand their application mix to remain competitive, comply with regulatory guidelines, improve marketing and merchandising, and collaborate effectively.
This is a common consequence of growth, but in my experience it rarely occurs without adding considerable user account and authentication overhead. The reasons are easy to identify and nearly impossible to avoid: Many applications use disparate or proprietary authentication methods and databases, and finding a single authentication platform that’s supported by every application is nearly impossible.
The results are too frequently the same. Users have multiple accounts and must contend with multiple authentication procedures and interfaces. Employee productivity and willingness to comply with password security policies deteriorate over time as frustration sets in over having to slog through multiple authentication challenges to complete work.
IT struggles to create, maintain, archive and delete accounts across diverse authentication databases in a timely manner (for example, before credentials can be abused by disgruntled employees or exploited by attackers). In most cases, the time IT spends helping employees with password issues could be more productively applied to patch management and other proactive desktop-security measures.